In March 2024, Mozilla said it was winding down its collaboration with Onerep — an identity protection service offered with the Firefox web browser that promises to remove users from hundreds of people-search sites — after KrebsOnSecurity revealed Onerep’s founder had created dozens of people-search services and was continuing toRead More »Mozilla Says It’s Finally Done With Two-Faced Onerep
Oligo Security has warned of ongoing attacks exploiting a two-year-old security flaw in the Ray open-source artificial intelligence (AI) framework to turn infected clusters with NVIDIA GPUs into a self-replicating cryptocurrency mining botnet. The activity, codenamed ShadowRay 2.0, is an evolution of a prior wave that was observed between SeptemberRead More »ShadowRay 2.0 Exploits Unpatched Ray Flaw to Build Self-Spreading GPU Cryptomining Botnet
Cybersecurity researchers have warned of an actively expanding botnet dubbed Tsundere that’s targeting Windows users. Active since mid-2025, the threat is designed to execute arbitrary JavaScript code retrieved from a command-and-control (C2) server, Kaspersky researcher Lisandro Ubiedo said in an analysis published today. There are currently no details on howRead More »Tsundere Botnet Expands Using Game Lures and Ethereum-Based C2 on Windows
The Android malware is in development and appears to be mainly aimed at users in Europe. The post New Sturnus Banking Trojan Targets WhatsApp, Telegram, Signal Messages appeared first on SecurityWeek.
The AI-native social engineering defense (SED) platform will accelerate product innovation and expand its offerings. The post Doppel Raises $70 Million at $600 Million Valuation appeared first on SecurityWeek.
A Chinese threat actor is exploiting known vulnerabilities in discontinued Asus devices in an Operational Relay Box (ORB) facilitation campaign. The post Over 50,000 Asus Routers Hacked in ‘Operation WrtHug’ appeared first on SecurityWeek.
Media Land, Hypercore, and their leadership and employees are allegedly connected to various cybercriminal activities. The post US and Allies Sanction Russian Bulletproof Hosting Service Providers appeared first on SecurityWeek.
This week has been crazy in the world of hacking and online security. From Thailand to London to the US, we’ve seen arrests, spies at work, and big power moves online. Hackers are getting caught. Spies are getting better at their jobs. Even simple things like browser add-ons and smartRead More »ThreatsDay Bulletin: 0-Days, LinkedIn Spies, Crypto Crimes, IoT Flaws and New Malware Waves
Google has filed a complaint in court that details the scam: In a complaint filed Wednesday, the tech giant accused “a cybercriminal group in China” of selling “phishing for dummies” kits. The kits help unsavvy fraudsters easily “execute a large-scale phishing campaign,” tricking hordes of unsuspecting people into “disclosing sensitiveRead More »Scam USPS and E-Z Pass Texts and Websites
Researchers demonstrated a now-patched vulnerability that could have been used to enumerate all WhatsApp accounts. The post Vulnerability Allowed Scraping of 3.5 Billion WhatsApp Accounts appeared first on SecurityWeek.
